{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-29T17:41:17.183","vulnerabilities":[{"cve":{"id":"CVE-2024-51569","sourceIdentifier":"security@apache.org","published":"2024-11-26T12:15:21.113","lastModified":"2025-07-08T14:15:47.453","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Out-of-bounds Read vulnerability in Apache NimBLE.\n\nMissing proper validation of HCI Number Of Completed Packets could lead to out-of-bound access when parsing HCI event and invalid read from HCI transport memory.\nThis issue requires broken or bogus Bluetooth controller and thus severity is considered low.\nThis issue affects Apache NimBLE: through 1.7.0.\n\n\nUsers are recommended to upgrade to version 1.8.0, which fixes the issue."},{"lang":"es","value":"Vulnerabilidad de lectura fuera de los límites en Apache NimBLE. La falta de una validación adecuada de la cantidad de paquetes completados de HCI podría provocar un acceso fuera de los límites al analizar un evento de HCI y una lectura no válida de la memoria de transporte de HCI. Este problema requiere un controlador Bluetooth dañado o falso y, por lo tanto, se considera de baja gravedad. Este problema afecta a Apache NimBLE: hasta la versión 1.7.0. Se recomienda a los usuarios que actualicen a la versión 1.8.0, que soluciona el problema."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:nimble:*:*:*:*:*:*:*:*","versionEndExcluding":"1.8.0","matchCriteriaId":"71BB8957-7DC2-4E02-B560-1526E9758F46"}]}]}],"references":[{"url":"https://github.com/apache/mynewt-nimble/commit/4e3ac5b6e7c7df63a594c4ff6839e266b4ccfed9","source":"security@apache.org","tags":["Patch"]},{"url":"https://lists.apache.org/thread/q0vs5rddx1lho30xnpsrvpzgxqmywnhs","source":"security@apache.org","tags":["Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2024/11/26/5","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Vendor Advisory"]}]}}]}